Chloe Thonus

Bite Sized Cyber Crime

Bite Sized Cyber Crime is a short true crime series about cyber crime, notorious viruses and scams, and dark web operations. You can learn how hackers are able to steal data from underneath your nose as well as ways to better protect your online life in manageable ways.

Author

Chloe Thonus

Category

Technology

Latest episode

Jul 6, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

JadePuffer: The First AI Hacker 06.07.2026

The skill ceiling to become a real ransomware threat actor may have been lowered considerably, as JadePuffer performed an attack as an AI agent with no human intervention, being able to reason its way through problems encountered when deploying ransomware to a target. Sources: https://pastebin.com/XQFj8LAi

Fake Shopify Receipts Part of Callback Phishing Scam 29.06.2026

Shopify has a dashboard that integrates all your web order activity, but this has allowed for a new type of phishing scheme much sneakier than emails. Fake receipts with fake support phone numbers have been popping up in many Shop dashboards. Sources: https://pastebin.com/4HwTfty6

Klue Abused to Steal Salesforce Data 22.06.2026

Klue allows you to get the upperhand on your competitors by using their public data and your internal information to create quick sales talking points, however it may have also leaked your private data via a legacy account that was never deleted.   Sources: https://pastebin.com/3jM6RFYB

The Messy Release of Anthropic's Fable 5 15.06.2026

Fable 5 was based on Mythos, a model so dangerous it could not be released to the general public. But that release did not exactly go smoothly, was complains from customers that is too expensive and restrictive and later an order to shut it down. Sources: https://pastebin.com/xVAah5bd

Meta Support Bot Lets Hackers into High Profile Accounts 08.06.2026

AI support bots can help a lot in basic issues, but they can also cause a massive security incident if they are not well understood. Recently Meta AI's account recovery workflow was exploited by hackers to hijack many high profile accounts. Sources: https://pastebin.com/TCPFaQzG

Charter Communications Customer Data Leaked 01.06.2026

Charter Communications, a major US telecom provider refused to pay a ransom, and so their data paid the price after being leaked on the dark web. Sources: https://pastebin.com/3PVNzDLX

GitHub Data Up For Sale on Dark Web 25.05.2026

GitHub is the most popular code repository site, but after an employee account was compromised their source code was stolen and is now up for sale on the dark web, with threats to leak it if there is not a buyer. Sources: https://pastebin.com/U07MP4M0

Cavnas Hack Brings Chaos During Finals 11.05.2026

Canvas is a massive education platform used globally in education, and they just suffered a hack that has left both students ans educators scrambling during one of their busiest weeks of the year, finals. Sources: https://pastebin.com/tBmP2bxc

0APT and KryBit Hack... Each Other? 04.05.2026

Ransomware groups don't often target each other, but when they do it gets really interesting. Not only can defenders learn a lot about how these groups operate, but it can really boost the reputation of these groups. The only issue is your victim will most likely strike back hard. Sources: https://pastebin.com/Q4jQPqW2

Ransomware Negotiator Pleads Guilty to Helping Hackers 27.04.2026

Ransomware negotiators are supposed to give you the best price to get your files back, but what if they are actually conspiring to get you the worst one? One such man plead guilty to this and revealed just how he worked with the BlackCat group to con his own clients.

Operation PowerOFF Shuts down Major DDOSaaS Operation 20.04.2026

DDoS attacks are common and annoying, not allowing you to visit your favorite app or more dangerously, not allowing you to use important government provided services you may need. Operation PowerOFF claims another criminal enterprise when they arrested 4 people and seized 53 servers involved in a massive DDoS as a service ring. Sources: https://pastebin.com/9iBuHv6a

Project Glasswing and The Future of Cybersecurity 13.04.2026

Anthropic's latest model is supposedly better than all but the most elite level of hackers in discovering and exploiting vulnerabilities, but where does that leave us today and where will we go in the future. Fortunately, at least not any time soon, I don't see the job of the security engineer being stolen by robots.   Sources: https://pastebin.com/QFxpXmcH

$270 Million Stolen from Drift Protocol 06.04.2026

Decentralized finance, when not done correctly, often lends itself to massive crypto heists that result in millions being stolen and the story of the Drift protocol which operates on the Solana blockchain is no different. Attackers didn't actually need a vulnerability in code to pull off this heist, however, just two separate people who signed off on a malicious transaction. Sources: https://paste...

FireFox Tests Free Browser VPN 30.03.2026

FireFox has been a favorite browser among nerds for a while, especially for its privacy capabilities and it seems to be leaning into it even more by implementing a free browser based VPN for testing in its latest update with a 50GB a month data limit. Sources: https://pastebin.com/QNN9Hc7B

Handala Wipes Thousands fo Stryker Systems 16.03.2026

Stryker is a med tech giant, but they have fallen rather hard after a politically motivated ransomware attack wiped thousands of devices after stealing over 50 terabytes of data. Sources: https://pastebin.com/xJEhrhvS

Wikipedia Activates Dormant Worm 09.03.2026

Wikipedia is often used as a starting point for research, and recently it was seemingly under attack. Vandalism is common, but what is uncommon is the activation of malicious code that sat waiting on their systems for years before it was set off by an admin reviewing code. Sources: https://pastebin.com/QRYXC05C

The Concerning Trend of Requiring ID 02.03.2026

I've noticed a concerning trend and legislation coming up in some countries that will require government ID to access certain social media websites. The issue stems from child safety, which is a worthy cause, but it will end up not only putting children at risk, but everyone else as well.

PayPal Left PII Exposed for Half a Year 23.02.2026

Usually data breaches happen from an attacker breaking in, but sometimes an organization inadvertently leaks their own data, PayPal did just this with the most sensitive data about small business owners and it sat on the internet for 6 months. Sources: https://pastebin.com/hxqJeJey

Outlook Add In Hijacked to Steal Accounts 16.02.2026

Outlook add ins can really improve the user experience of the application, allowing for extended capabilities. However if a developer abandons an add in project and leaves it without updates without properly removing it or discontinuing support it could lead to threat actors hijacking a trusted add in and using it to steal information.   Sources: https://pastebin.com/7Kny6W8M

Panera Data Breach from Failed Extortion 09.02.2026

The Shiny Hunters failed to extort Panera in a data theft attack and leaked the data found. Thankfully the damage seems rather minimal as the information is, for the most part, not all that sensitive. Sources: https://pastebin.com/EXKcrrDL

When Vibe Coding Your Ransomware Goes Wrong 02.02.2026

They say never to pay a ransomware, but this one you should especially never pay because you will definitely not get anything back if you do. As it turns out vibe coding can lead to mistakes that end up with threat actors losing the keys to their own ransomware. Sources: https://pastebin.com/VuSZpJKQ

AI Slop Kills cURL Bug Bounty Program 26.01.2026

Bug bounty programs are a good way to practice your hacking skills while contributing to the greater good, but unfortunately some people want the rewards without having the skills, which have resulted in cURL being overwhelmed by completely nonsensical AI slop bug reports. Sources: https://pastebin.com/ZBdpci1U

WhisperPair Vulnerability Allows Eavesdropping on Your Calls 19.01.2026

Bluetooth is the standard these days for listening to audio but it presents some issues that wired doesn't, and I don't mean sound quality. Implementations of Bluetooth protocols can have vulnerabilities and when those hit it could mean you're being listened to. Sources: https://pastebin.com/Kq9TieQC

Instgram Breach Exposes 17.5 Million Accoounts 12.01.2026

Instagram users saw a barrage of password reset attempts on their accounts and it seems to be related to a dataset that was just leaked to BreachForums of scraped user data. Sources: https://pastebin.com/AfMVFBDm

$7 Million in Crypto Stolen from Trust Wallet Users 29.12.2025

The holiday season is a rather expensive time of year, not just with gift buying but with scams that take advantage of the season. One thing rather unexpected however, was a Christmas Eve update that drained the wallets of some TrustWallet users.   Sources: https://pastebin.com/NHqAjqzM

Listen to the Bite Sized Cyber Crime podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.